lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZK17X4ueSI5rWKVL@orome>
Date:   Tue, 11 Jul 2023 17:55:11 +0200
From:   Thierry Reding <thierry.reding@...il.com>
To:     Stanimir Varbanov <stanimir.varbanov@...e.com>
Cc:     Stanimir Varbanov <svarbanov@...e.de>, linux-tegra@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org, iommu@...ts.linux.dev,
        linux-kernel@...r.kernel.org, Krishna Reddy <vdumpa@...dia.com>,
        Will Deacon <will@...nel.org>,
        Robin Murphy <robin.murphy@....com>,
        Joerg Roedel <joro@...tes.org>
Subject: Re: [RFC PATCH] iommu: arm-smmu-nvidia: Add default domain type
 implementation op

On Tue, Jul 11, 2023 at 01:58:34PM +0300, Stanimir Varbanov wrote:
> Hi Thierry,
> 
> Thank you for the comments!
> 
> On 7/10/23 13:40, Thierry Reding wrote:
> > On Mon, Jul 10, 2023 at 11:22:52AM +0300, Stanimir Varbanov wrote:
> >> Add def_domain_type implementation op and override default IOMMU
> >> domain Kconfig option (CONFIG_IOMMU_DEFAULT_PASSTHROUGH=y), which
> >> could be enabled on some distros. The current quirk has been done
> >> for Tegra234 machine, because I found the issue on it. The issue
> >> itself appears on USB host controller which cannot be initialized
> >> without IOMMU translation. Something more, we proved that IOMMU
> >> translation is needed for display and GPU drivers as well.
> >>
> >> I evaluated few possible options to solve that:
> >>
> >>  a) select default IOMMU domain from .def_domain_type op
> >>  b) Unset CONFIG_IOMMU_DEFAULT_PASSTHROUGH=n
> >>  c) add iommu.passthrough=0 on the kernel cmdline
> >>  d) firmware - ACPI / DT
> >>
> >> a) This option is implemented in the proposed patch.
> >>
> >> b) Since that the community has agreed that pass-through is preferred
> >> as a default IOMMU domain option because this will avoid performance
> >> impacts on some of the platforms [1]. On the other side we have examples
> >> where you cannot even install Linux distribution on a machine where the
> >> storage media cannot be detected and the system just hangs.
> > 
> > That's not how I read that thread. It sounds more to me like Will and
> > Robin had ideas on how to improve the performance and were planning to
> > address these issues. It doesn't exactly sound to me like there was
> > concensus to make passthrough the default.
> > 
> > Having said that, given that it's possible for distributions and users
> > to set CONFIG_IOMMU_DEFAULT_PASSTHROUGH=y, I think it would be useful in
> > general to have a way of enforcing IOMMU translations if it's needed by
> > the hardware.
> 
> Exactly, the problem is that some platforms prefer passthrough to avoid
> performance impacts but others cannot even boot the kernel (and thus
> installation failure). Passing iommu.passthrough=0 should be an
> administrator decision, balancing between security and performance.
> 
> On the other hand the aforementioned mail thread gave some performance
> numbers which might be are outdated having the improvements made in smmu
> driver in mind. Unfortunately, I cannot confirm that the performance has
> been improved during that time.
> 
> > 
> > I'm not sure I fully understand the particular problems that you're
> > seeing on Tegra234, though. I'm not aware of anything in the USB host
> > controller driver (or hardware, for that matter) that would require the
> > IOMMU to be enabled. The only peculiarity that I can think of is the
> > firmware, which is typically loaded by an early bootloader and therefore
> > might perhaps need the IOMMU to properly map this in the kernel.
> > However, my understanding is that this firmware is loaded into special
> > carveout regions which don't require remapping.
> 
> On Jetson Orin AGX (R35.2.1) I see these errors:
> 
> tegra-mc 2c00000.memory-controller: unknown: write @0x0000000000000080:
> EMEM address decode error (EMEM decode error)
> 
> tegra-xusb 3610000.usb: Error while assigning device slot ID
> tegra-xusb 3610000.usb: Max number of devices this xHCI host supports is 36.
> usb usb2-port3: couldn't allocate usb_device
> tegra-mc 2c00000.memory-controller: unknown: write @0x0000000000000090:
> EMEM address decode error (EMEM decode error)
> tegra-xusb 3610000.usb: Error while assigning device slot ID
> tegra-xusb 3610000.usb: Max number of devices this xHCI host supports is 36.
> usb usb1-port3: couldn't allocate usb_device
> 
> tegra-mc 2c00000.memory-controller: unknown: write @0x00000000000000a0:
> EMEM address decode error (EMEM decode error)
> tegra-xusb 3610000.usb: Error while assigning device slot ID
> tegra-xusb 3610000.usb: Max number of devices this xHCI host supports is 36.
> usb usb1-port4: couldn't allocate usb_device
> 
> > 
> > However, passthrough is admittedly not something that we've thoroughly
> > tested, so it's possible you're running into a use-case that I'm not
> > aware of. In that case, could you provide a few more specifics (such as
> > the DTB and .config) of your build configuration so that I can try and
> > reproduce?
> 
> To reproduce you have to add iommu.passthrough=1 on kernel cmdline. The
> dtb is from Jetpack.

I was able to reproduce this on Jetson Orin NX (the differences to AGX
Orin should be negligible in this context), though I ended up patching
the DTB to disable all SMMUs. What fixed it for me was to drop the
dma-coherent property from the usb@...0000 node. Can you try that on
your end to see if that works for you as well?

Not that that's a proper solution, of course, but just trying to find
out if there's perhaps something else going on.

From the looks of it, it seems like these devices aren't actually DMA
coherent inherently, but rather the SMMU translations make the accesses
to memory coherent. I'm trying to find out the exact details, but if it
turns out to be the case, then what we really want is a way for an IOMMU
to mark any devices that get attached to it as DMA coherent. It's not
sufficient to hard-code this in DT because there are various ways in
which device can end up not attached to an IOMMU despite what the DT
says.

Jason, or anyone of the IOMMU folks, any thoughts on how this could be
achieved? DT already has a way of walking up the "DMA hierarchy" looking
for a DMA coherent parent, but again, making this rely entirely on DT
seems insufficient.

Thierry

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ